For Flughafen Zürich AG, risk management is a key factor for successful company management. Comprehensive risk management ensures that risks are handled systematically with due consideration and guarantees transparency regarding all the internal and external risks associated with business activities as well as continuous monitoring and improvement of the risk situation.
Risk management as a management and operating tool
The Flughafen Zürich AG risk management system is the management and operating tool for managing corporate risk. Comprises the following components:
- Risk policy objectives and principles
- Risk management organisation
- Risk management process (method for managing risk)
- Risk reporting
Auditing and review of the risk management system
The risk management organisation forms the backbone of this system and includes the following units and functions:
Board of Directors, Management Board and Chief Risk Officer
The Board of Directors and Management Board have the overall responsibility under Swiss company law for ensuring the groupʼs existence and profitability. The Board of Directors is responsible for overall oversight of risk management. The Chief Financial Officer also acts as the Management Boardʼs Chief Risk Officer.
Risk Management & Insurance department
The Risk Management & Insurance department is run by the Risk Manager, who reports to the Chief Risk Officer. This department supports the line units in all matters relating to risk management and is responsible for risk reporting as well as the operation and continued development of the risk management system.
Line units (divisions and departments)
As part of their function, the line units bear the responsibility for risks in their respective division or department and manage them within the framework of the risk management system (risk owner concept).
In consultation with the Risk Management & Insurance department, the specialised units perform specific risk-related cross-divisional functions within the group (liquidity management, occupational safety and health, information security, fire prevention, contingency planning, etc.).
In reporting on risks, Flughafen Zürich AG describes in detail the most important business risks identified and assesses risks for their probability of occurrence as well as for their potential operational and economic impact. Responsibilities and a plan of action with specific target dates are also defined and outline how the respective risk can be reduced. The risk management organisation continually monitors the implementation of the defined measures. The risk report is presented to the Management Board and the Board of Directors twice a year.
Flughafen Zürich AG operates a compliance management system as another important component of its comprehensive risk management strategy. The aim of compliance management is to systematically identify, understand and comply with applicable legal regulations as well as internal corporate guidelines and ethical principles.
A review of compliance with relevant laws, guidelines and principles is conducted in around 30 different areas, Within their areas, process owners are responsible for (1) precautionary measures such as providing information, guidelines and checklists to line managers and individual employees; (2) performing the checks required for compliance audits; and (3) systematic reporting. The ultimate responsibility for compliance with laws, guidelines and principles lies with line management. A broadly based Compliance Steering Committee headed by the Chief Risk Officer monitors consistent and uniform implementation of compliance management procedures.
The risk management organisation produces a comprehensive biannual compliance report at the request of the Chief Risk Officer based on information provided by the process owners. This report covers all areas and is submitted to the Management Board and the Board of Directors.